|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 108
Members: 0
Total: 108
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
Phpbb (site.com) hackable? (phpbb 2.0.10) |
|
Posted: Tue Nov 13, 2007 4:28 pm |
|
|
Uradin |
Beginner |
|
|
Joined: Nov 13, 2007 |
Posts: 1 |
|
|
|
|
|
|
|
I'm trying to get access to a phpbb forum:
Say for example: http://www.site.com
I don't want to deface it, change anything, or even post anything, I just want to be able to read it with access to all the boards.
A hash for user id 1, 2, or 3 would all work in the above case.
It's changelog shows it as phpbb 2.0.10
I've tried the 2.0.10 remote exploit with perl but just keep getting an exploit failed message.
I've also tried the Live Headers trick and it doesn't do anything at all.
I've also tried scripting a cookie stealer but, it doesn't seem to work for this site.
I've created my own forum to test vulnerabilities but, although its' 2.0.10 I think it's apparently a heavily patched 2.0.10.
This is from site.com so I'm guessing their patches are automatic for anyone using one of their free boards.
So, I'm guessing all those vulns. already defunct.
I've done some stuff on my own, or at least I tried.
If someone can help out, get me a hash for one of the uid's (1,2, or 3) or help me get one/point me in the right direction, I would appreciate it thanks. |
|
|
|
|
|
www.waraxe.us Forum Index -> PhpBB
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|